On Wed, Jan 11, 2017 at 11:47 PM, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > Andy Lutomirski <luto@xxxxxxxxxx> wrote: >> There are some hashes (e.g. sha224) that have some internal trickery >> to make sure that only the correct number of output bytes are >> generated. If something goes wrong, they could potentially overrun >> the output buffer. >> >> Make the test more robust by allocating only enough space for the >> correct output size so that memory debugging will catch the error if >> the output is overrun. >> >> Tested by intentionally breaking sha224 to output all 256 >> internally-generated bits while running on KASAN. >> >> Cc: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> >> Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> >> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxx> > > This patch doesn't seem to depend on anything else in the series. > Do you want me to take it separately? Yes, please. Its only relation to the rest of the series is that I wanted to make sure that I didn't mess up sha224's finalization code. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html